As far as I know electrum-words generate private spend key.
private view key is Keccak_256(private spend key). So how is it possible that if I calculate library function Keccak_256 (Crypto++) on my private spend key, I get something different then my actual private view key?
Asked
Active
Viewed 80 times
2
jakob
- 123
- 3
-
What you input? A number or a character sting? – p1gd0g Oct 20 '17 at 14:19
-
My program computes the correct value of Keccak_256. Keccak_256(0x4040404040404040404040404040404040404040404040404040404040404040) == Keccak_256("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@") == 0xf5f98609c9914be409c9060f871f0797dd98d63f0d2ca298810b42a919a0b12f You can verify it here... Monero key calculator outputs different value – jakob Oct 20 '17 at 15:17
1 Answers
3
There's an additional step performed, called "normalization". It's just a modulo operation with l. See sc_reduce32 ... is it really supposed to be that complicated?
Oh and note that mnemonic is decoded to seed and then:
spendkey = sc_reduce(seed)
viewkey = sc_reduce(keccak(spendkey))
New versions of wallets roll a random 256bits, normalize it and use that as seed so the below holds true:
seed == sc_reduce(seed)
See Why did monero-wallet-cli restore the same wallet with different mnemonic seeds?
JollyMort
- 19,934
- 3
- 46
- 105